Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c79c9547-b29c-4f41-b7c0-0fad2abd4863.roa
File: c79c9547-b29c-4f41-b7c0-0fad2abd4863.roa (raw, json)
Hash identifier: FhigyrXjysZ1YFPH9pD1h73wLoUOYLE0Gu1bENLuvWg=
Subject key identifier: FF:CA:B9:2A:F7:B4:16:D9:DF:91:FF:A5:3D:2C:97:95:30:41:DA:5D
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 477E54513248B535589438CCCF2E3F487A0FF944
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c79c9547-b29c-4f41-b7c0-0fad2abd4863.roa
Signing time: Sat 01 Nov 2025 00:50:09 +0000
ROA not before: Sat 01 Nov 2025 00:50:09 +0000
ROA not after: Sat 06 Dec 2025 23:59:59 +0000
asID: 16509
IP address blocks: 204.17.64.0/18 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:7e:54:51:32:48:b5:35:58:94:38:cc:cf:2e:3f:48:7a:0f:f9:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Nov 1 00:50:09 2025 GMT
Not After : Dec 6 23:59:59 2025 GMT
Subject: serialNumber=7a77bc4697050d6ea5940e5e511f23bb4580790c06f1e12f7aae91cac92ecff1, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:79:a2:fb:b9:4b:53:8d:e6:91:7a:cf:b5:41:
1c:cd:59:54:c5:e4:3a:c3:75:d4:bc:9a:88:63:bf:
ab:2b:eb:83:ba:32:26:43:39:d5:61:81:7c:8c:22:
03:1b:ce:4f:4d:12:a0:bc:00:11:8c:76:8d:7b:7e:
d3:2e:73:93:17:a2:4f:74:0d:f2:a2:58:b0:bd:62:
37:e9:58:60:40:ba:f8:e4:ad:eb:48:5a:e5:ad:af:
d1:51:31:3b:cd:d4:ab:d9:ab:1e:bd:08:4d:5a:17:
14:98:e4:50:4a:a8:4f:eb:a4:18:b8:01:61:1f:46:
24:3d:7c:dc:3c:61:30:c4:ed:ee:4b:ef:cf:10:2a:
a8:31:b7:2f:e7:b2:20:b6:45:14:9d:d2:91:1a:ec:
4d:4c:f4:f6:97:93:3b:94:86:9b:62:d2:25:08:7e:
37:04:d8:6b:d6:6d:66:0d:66:1a:b7:9f:7e:48:26:
e6:22:ef:ed:19:ee:9d:b6:d6:be:da:a2:fd:87:db:
15:30:b0:1e:94:05:67:1b:33:e6:1e:41:74:1f:10:
74:26:2a:89:92:58:36:42:0c:e1:d3:2b:dd:b2:56:
90:ac:65:69:fd:84:51:18:0e:2d:58:f6:1c:62:2e:
7b:9c:07:da:7c:69:11:f0:c4:26:9f:6d:f5:73:48:
d6:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:CA:B9:2A:F7:B4:16:D9:DF:91:FF:A5:3D:2C:97:95:30:41:DA:5D
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/c79c9547-b29c-4f41-b7c0-0fad2abd4863.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
204.17.64.0/18
Signature Algorithm: sha256WithRSAEncryption
52:13:ec:a6:4b:3d:2a:45:59:1a:a4:38:92:81:fe:c6:a3:5a:
05:2a:aa:06:48:37:03:b3:00:aa:ae:ad:ac:c9:e5:84:f4:d8:
a9:88:26:c1:86:97:4e:e3:cb:b2:6c:cc:e2:ff:51:ae:8f:d7:
13:00:e6:1d:73:87:1a:e3:1a:c6:35:7c:14:d3:81:76:93:ce:
a1:8c:75:c0:c4:c3:b0:4f:12:5b:47:38:06:d5:69:22:e9:27:
80:1e:e4:96:a0:c9:62:e1:53:50:62:3f:40:31:b6:70:b1:f9:
bc:f4:53:47:a9:0a:64:0b:f5:78:d6:a9:70:25:62:16:e6:a4:
58:c8:d0:a1:11:b6:32:d1:55:bf:f8:b9:bd:b2:4c:21:6d:4c:
ff:2e:9e:bd:2e:11:22:f3:62:12:f7:18:9f:ab:40:34:e6:4b:
88:1a:27:7a:da:d6:ac:13:6d:f4:31:c7:85:d8:7c:9f:e3:0f:
79:a7:59:db:fa:4a:61:1d:57:16:30:80:38:27:c1:48:80:e5:
94:0e:55:6d:8d:e7:4f:9d:39:16:07:b7:a1:28:72:0c:ee:cb:
d2:61:e9:52:b0:c0:f4:ae:58:6c:8d:11:c3:69:59:89:ea:e5:
36:f4:2e:f8:b3:2a:67:30:0b:18:f4:26:d5:2d:7f:02:d9:0e:
79:a6:83:44
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUR35UUTJItTVYlDjMzy4/SHoP+UQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUxMTAxMDA1MDA5WhcNMjUxMjA2MjM1OTU5
WjB6MUkwRwYDVQQFE0A3YTc3YmM0Njk3MDUwZDZlYTU5NDBlNWU1MTFmMjNiYjQ1
ODA3OTBjMDZmMWUxMmY3YWFlOTFjYWM5MmVjZmYxMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCweaL7uUtTjeaRes+1QRzNWVTF5DrDddS8mohjv6sr64O6
MiZDOdVhgXyMIgMbzk9NEqC8ABGMdo17ftMuc5MXok90DfKiWLC9YjfpWGBAuvjk
retIWuWtr9FRMTvN1KvZqx69CE1aFxSY5FBKqE/rpBi4AWEfRiQ9fNw8YTDE7e5L
788QKqgxty/nsiC2RRSd0pEa7E1M9PaXkzuUhpti0iUIfjcE2GvWbWYNZhq3n35I
JuYi7+0Z7p221r7aov2H2xUwsB6UBWcbM+YeQXQfEHQmKomSWDZCDOHTK92yVpCs
ZWn9hFEYDi1Y9hxiLnucB9p8aRHwxCafbfVzSNaXAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU/8q5Kve0Ftnfkf+lPSyXlTBB2l0wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2M3OWM5NTQ3LWIyOWMtNGY0MS1iN2MwLTBmYWQyYWJkNDg2My5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAbMEUAwDQYJKoZIhvcNAQELBQADggEBAFIT7KZLPSpFWRqkOJKB/sajWgUq
qgZINwOzAKqurazJ5YT02KmIJsGGl07jy7JszOL/Ua6P1xMA5h1zhxrjGsY1fBTT
gXaTzqGMdcDEw7BPEltHOAbVaSLpJ4Ae5JagyWLhU1BiP0AxtnCx+bz0U0epCmQL
9XjWqXAlYhbmpFjI0KERtjLRVb/4ub2yTCFtTP8unr0uESLzYhL3GJ+rQDTmS4ga
J3ra1qwTbfQxx4XYfJ/jD3mnWdv6SmEdVxYwgDgnwUiA5ZQOVW2N50+dORYHt6Eo
cgzuy9Jh6VKwwPSuWGyNEcNpWYnq5Tb0LvizKmcwCxj0JtUtfwLZDnmmg0Q=
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:00:24 2025 by rpki-client